Thats the setup I ended up using indeed. With MS DNS. As a secondary though. Our internal BIND is not replicating its internal zones to the outside so we were in no danger of exposing internal ip adresses. (Not that that is a big risk, be my guest, DDOS 192.168.1.1... for all I care) My problem was that our Internal BIND and the W2K3 hated each other. And still do. Ill pick up that book anyway, DNSsing is a grow market ;-) Gr Richard On Thu, 13 Jan 2005 14:18:23 -0600, Henry Sieff <hsieff@xxxxxxxxxxxx> wrote: > > Check the Cricket Book: > _DNS and BIND_ (Cricket Liu et al, 4th Ed. O'Reilly)ppg. 520 - 525 has info > on win2k and I believe it carries over just fine to win2k3 > > The recipe in there worked in my testing for win2k, and I see no reason it > wouldn't work for Win2k3. > > I would delegate everything to a MS DNS server for internal; I always split > out my external DNS servers (the ones used by the world to find me) and keep > them well separated anyways. There is no need for the external world to know > that much about my internal network, just where the web server, ftp server, > and mail exchangers are. > > Henry > ******************************************************** This Weeks Sponsor SeamlessPlanet.com Domain Names Register your .com domain name for as low as $7.85 One of the lowest prices on the web! Part of The Kenzig Group. http://www.seamlessplanet.com ********************************************************** Useful Thin Client Computing Links are available at: http://thin.net/links.cfm ThinWiki community - Awesome SBC Search Capabilities! http://www.thinwiki.com *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thin.net/citrixlist.cfm